We’ve received lots of questions about how to set up a church Safety and Security Ministry (SSM). An SSM is a new concept for many churches, and in this blog post, we are offering the process we use when consulting with churches. We look forward to your comments below about how you have set up your SSM and any other tips you would like to provide!

At a high level, our method is:

  1. Form your Safety and Security Ministry Team
  2. Understand your risks and threats
  3. Develop response plans for the risks you think are most likely
  4. Coordinate, review, and drill with your response team for each plan

First Things First: Your Team

The responsibility for safety of a church lies with the church leadership, but it is very common to identify someone from the congregation who has background in public safety to lead the way. This designee, who we call the SSM Lead, is responsible for forming the team and leading Steps 2 through 4.

The SSM Team must include the person or people with decision-making and spending authority for the church. The team should include Head Pastor, or someone who can speak with the same authority, to answer questions about the philosophical and spiritual aspects of any plans. You will also need people with authority and responsibility for spending money (Head of Administration), making physical changes to the facilities (Facilities Manager), and interacting with the congregation (Child Care Lead, Head Usher).

Of course, you can add or remove roles from this list to meet your situation, but this should give you an idea of the authority that people must lead who are on your Management Team.

Just as important as identifying the members of the team, you need to keep the team from growing too large. Do not include people with a focus on one issue (e.g. child protection) if you think they will be so focused that it becomes distracting – but do not hesitate these valuable, highly-motivated people to do the detailed work of planning, practicing, training, etc. in their area of interest.

Understand Your Risks

There has been a lot of focus on gun violence in the news lately, and your team may have been created so it could address the “active shooter problem” that could face your church. Granted, any active shooter incident is terrifying, and deserves discussion and planning. The job of the SSM Lead is to keep focus on all of the common threats that face your church. For instance, the threat posed by entering and leaving the parking lot of a church along a high speed two-lane road is probably greater than the threat of an active shooter — and the results of not addressing the threat can be just as devastating.

The most effective way to identify risks is to use a formal risk assessment process. A formal risk assessment process can remove emotion from identifying threats and helps to bring some risks to light that may otherwise be missed.

The basic process for a formal risk assessment process is:

  1. List the people, objects, etc. you want to protect
  2. For each item in #1, list the things that can happen to it (threats)
  3. “Score” each combination based on the impact of a “threat” actually happening to the “object”
  4. Rearrange your list based on the scoring

Develop Mitigation and Response Plans for Each High-Score Risk

After step 4 of the above process, you should have a ranked list of risks. Start with the highest-scoring risk and work your way downward. Think of what it would look like if any of the risks happened; if a risk happens, it is called an incident. Decide how you can avoid the risk (this is a mitigation) or respond if the risk becomes an incident (these are responses). Document mitigations and responses in enough detail so that the SSM Team can understand them. Make a list of anything that needs to be purchased to mitigate or properly respond to an incident, and rank it based on the same ranking as your risk list. This becomes your budget, and you and the SSM Team can use it to prioritize, to raise funds, seek grants, or request money from a higher echelon in your church hierarchy.

Your mitigation and response plans will probably have common tasks or repeating actions. An example is to check that windows are locked each night at lock-up time; another is to be sure that parent drop-offs to day care are logged. Any of these common, repeating tasks should be documented in Standard Operating Procedures, or SOPs. SOPs are used for training, and when properly applied, are an important communications tool for teams. It is a good practice to have written SOPs for all repetitive tasks, no matter how many times the same person repeats the task. The people performing repetitive tasks should have the SOPs with them as they perform their assigned duties. One way to keep them in good shape is to laminate them and keep them in a handy location. For example, the Opening and Closing Procedures can be kept on a spring-lock ring on a hook or shelf near the door used for last exit/first entrance. Another example is to keep your evacuation and rally-point processes in each go-bag, ready for use by the ushers or other staff on a moment’s notice.

Train and Drill Your Response Plans

Nothing is worse than a response plan that is never tested. The first time you try a plan will be a disaster, or pretty close to it. Some people will misinterpret their assigned duties, some people will “wing it”, and some things that look good on paper will fall apart with applied to the real world. It is critical that you and the assigned responders dry-run all highly-ranked response plans. First, do a “tabletop” exercise to be sure that everyone interprets the directions the same way. Then, do a slow walkthrough while communicating amongst the team. Finally, do full-speed drills to get the response plan into “muscle memory”. Repeat until you no longer have any questions about the process. Fix errors or weak points in your process as you find them, then update the documentation; do tabletop and slow walkthroughs as needed to solidify the process and cement it into responders’ heads.